As storage interconnects evolve from single-host small-scale systems, such as
traditional SCSI, to the multi-host Internet-based systems of Network-attached
Secure Disks (NASD), protecting the integrity of data transfers between client
and storage becomes essential. However, it is also computationally expensive
and can impose significant performance penalties on storage systems.
This paper
explores several techniques that can protect the communications integrity of
storage requests and data transfers, imposing very little performance penalty
and significantly reducing the amount of required cryptography.

Central to this work is an alternative cryptographic approach, called
"Hash and MAC", that reduces the cost of protecting the integrity of
read traffic in storage devices that are unable to generate a message
authentication code at full data transfers rates. Hash and MAC does
this by precomputing security information, using and reusing the
precomputed information on subsequent read requests. We also present
a refined "Hash and MAC" approach that uses incremental hash
functions to improve the performance of small read and write
operations as well as non-block-aligned operations.